Assessment Proforma 2024-25
Key Information
Module Code
|
CMT310
|
Module Title
|
Developing Secure Systems and Applications
|
Assessment Title
|
Technical Report
|
Assessment Number
|
1
|
Assessment Weighting
|
50%
|
Assessment Limits
|
This individual assessment consists of
THREE tasks to be completed and prepare a final report for the submission on
Learning Central. It should be a single report of 2,000 words (maximum,
including all except references). There should not be any appendix attached or included in this report.
|
The Assessment Calendar can be found under ‘Assessment & Feedback’ in the COMSC- ORG-SCHOOL organisation on Learning Central. This is the single point of truth for (a) the hand out date and time, (b) the hand in date and time, and (c) the feedback return date for all assessments.
Learning Outcomes
The learning outcomes for this assessment are as follows:
This individual assignment contributes to the assessment of the following Learning Outcomes (LO) 1, 2, 3, 4, 5 and 6 of the unit:
1. Compare and contrast common technical security controls available to prevent, detect and recover from security incidents and to mitigate risk. [T2]
2. Articulate security architectures relating to business needs and commercial product
development that can be realised using available tools, products, standards and protocols. [T1, T3]
3. Deliver systems assured to have met their security profile using accepted methods and development processes. [T2]
4. Critically analyse the correctness and properties of secure systems. [T1]
5. Justify the selection of different cryptosystems. [T2]
6. Critically analyse recent cyber security case studies. [T1, T2]
Submission Instructions
The coversheet can be found under ‘Assessment & Feedback’ in the COMSC-ORG- SCHOOL organisation on Learning Central.
All files should be submitted via Learning Central. The submission page can be found under ‘Assessment & Feedback’ in the CMT310 module on Learning Central. Your submission should consist of multiple files:
Description
|
Type
|
Name
|
Coversheet
|
Compulsory
|
One PDF (.pdf) file
|
Coversheet.pdf
|
Report
|
Compulsory
|
One PDF (.pdf) or Word file (.doc or .docx)
|
CMT310_[student
number].pdf/doc/docx
|
If you are unable to submit your work due to technical difficulties, please submit your work via e-mail to comsc-submissions@cardiff.ac.ukand notify the module leader.
Assessment Description
SCENARIO
There has been a major incident for the company ACME.LTD. Their main business is a mixture of manufacturing and distribution management for other organizations. ACME.LTD has the following network infrastructure.
The following services are running within the network:
● Windows Active Directory
● DHCP
● DNS Servers
● Mail Server (running SMTP & POP3)
● OpenVPN
● MsSQL Databases
● Multiple Samba Servers
● Web Servers
The ACME.LTD's databases were compromised via an internal web server. It was accessible via a lost laptop. The lost laptop only required a username and password to access it. However, the password was at least 16 characters long, SecureBoot and full disk encryption were not in use. All workstations and laptops in use are not part of the Windows Active Directory domain. This means all accounts used are local accounts.
Additionally, the attackers were able to use the access to the MsSQL services to pivot to the companies OT network and deploy ransomware. This resulted in the complete shutdown of the operations that relied upon the OT systems that had been Windows-based.
INSTRUCTIONS
This individual assessment consists of THREE tasks as mentioned below. Please carefully consider completing all tasks and prepare your final report. You are expected to submit this report on Learning Central which requires coursework submission as a single report of 2,000 words (maximum, including all except references). There should not be any appendix attached or included in this report. The expected font size is 12 and the font type is ‘Arial’ on all pages. There is no need to add a cover page with your submission but write your student number and name on the top of the first page of the report. You’re expected to back your answers with citations. Note, there is no ±10% word count criteria for this coursework. It is expected that your report (excluding references) must be within the 2,000 words count. Anything written beyond the first 2,000 words would be ignored during marking. Indicative word count against each task is mentioned. However, this is not a strict limit for each task, rather this should be used as a baseline for the expected amount of text/explanation against the maximum marks assigned for each task.
Task 1 [T1]: The CEO and CISO of ACME.TLD would like you to review their network architecture as previously presented and identify security issues, potential risks, and insecure properties.
[Indicative word count: 500]
Task 2 [T2]: Provide recommendations with evidence of the best practices and applicable approaches to secure their network. Also, provide reflect on (i) what could be easily prevented and how, (ii) if not prevented, what could be detected and how, and (iii) if not prevented and detected, what could be recovered from security incidents and how. [Indicative word count: 1,000]
Task 3 [T3]: The CEO and CISO are keen to also know what additional technology and tooling could also be used to help future proof the system and justify your choices. [Indicative word count: 500]
References
References are not counted in the word limit. Use the IEEE format references: https://ieee- dataport.org/sites/default/files/analysis/27/IEEE%20Citation%20Guidelines.pdf.
This point will be further discussed in one of the lectures of the module.
and-referencing/citing-and-referencing-support
HELPING NOTES
• Vulnerability: A weakness in any aspect of a system that makes an exploit possible.
• Threat: A potential cause of an unwanted incident that may result in harm to a system.
• Attack: An attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset.
• Risk: An intersection of assets, threats and vulnerabilities.
• System or system model: A system that attackers target for attacks.
• Network Architecture: It is defined as the physical and logical design of the software, hardware, protocols, and media of the transmission of data.
• Security Architecture: The NCSC define security architecture as ‘The practice of designing computer systems to achieve security goals. ’ These security goals are to make initial compromise of the system difficult, limit the impact of any compromise, make disruption of the system difficult, and make detection of a compromise easy. Security architecture must consider all the technology, people and processes relating to a computer system.
• Best Practices: These are a standard or set of guidelines that is known to produce good outcomes if followed.
• Useful article for help: How to Prevent, Detect, and Respond to Cybersecurity Incidents, https://www.eidebailly.com/insights/articles/2020/5/how-to-prevent-detect-and-respond- to-cybersecurity-incidents
Assessment Criteria
Task 1 Reviewing network architecture (Available Marks - 15)
High
Distinction
80%+
|
Critically analysed security issues with potential risks and their impact;
listed and defined security vulnerabilities and threats with rationale and
with specific technical details; identified and critically reflected on insecure properties with valid reasons; excellent demonstration of critical thinking, depth analysis, logical arguments, and citations used.
|
Distinction
70-79%
|
Critically analysed security issues with potential risks; listed and defined security vulnerabilities and threats with rationale and with specific
technical details; identified and critically reflected on insecure properties; Very good demonstration of critical thinking, depth analysis, logical
arguments, and citations used.
|
Merit
60-69%
|
Clearly analysed security issues with potential risks; listed and defined associated security vulnerabilities and threats; clearly identified and
reflected on insecure properties; good demonstration of critical thinking, depth analysis, logical arguments, and citations used.
|
Pass
50-59%
|
Some narration on security issues with potential risks; partially explained insecure properties; reasonable demonstration of critical thinking, depth analysis, logical arguments, and citations used.
|
Marginal Fail
40-49%
|
Not sufficiently narrated security issues with potential risks; not
adequately explained insecure properties; poor demonstration of critical thinking, depth analysis, logical arguments, and citations used.
|
Fail
0-39%
|
Not sufficiently narrated security issues; not explained insecure properties; very poor demonstration of critical thinking, depth analysis, logical
arguments, and citations are not used.
|
Task 2 Provide recommendations and approaches (Available Marks - 20)
High
Distinction
80%+
|
Excellent reflection on possible recommendations; appropriate and suitable use of strong and secure security approaches; excellent
demonstration of critical thinking, and logical arguments; excellent - quality and useful citations/references
|
Distinction
70-79%
|
Very good reflection on possible recommendations; appropriate use of secure security approaches; very good demonstration of critical thinking, and logical arguments; very good and useful citations/references
|
Merit
60-69%
|
Clearly reflected on possible recommendations; adequate use of suitable strong/secure security approaches; good demonstration of critical
thinking, and logical arguments; good citations/references
|
Pass
50-59%
|
Some reflection on recommendations; Partial use of suitable
strong/secure security approaches; reasonable demonstration of critical thinking, and logical arguments; some citations/references
|
Marginal Fail
40-49%
|
Not adequate reflection on recommendations; Not use of suitable security approaches; not sufficient demonstration of critical thinking, and logical arguments; limited citations
|
Fail
0-39%
|
No/limited reflection on recommendations; No use of security approaches; no/limited demonstration of critical thinking, and logical arguments; no
citations
|
Task 3 Additional technology and tooling (Available Marks - 15)
High
Distinction
80%+
|
Shown excellency in understanding and presented correct logical
arguments; excellent reflection on employing correct and suitable
technology and tools; excellent reflection on future proof of the system with valid arguments; excellent demonstration of critical thinking, logical arguments, and quality and suitable citations used
|
Distinction
70-79%
|
Shown very good understanding and presented correct logical arguments; great reflection on employing correct technology and tools; very good
reflection on future proof of the system; great demonstration of critical thinking, logical arguments, and very good citations used
|
Merit
60-69%
|
Shown competency in understanding and presented correct logical
arguments; good reflection on employing correct technology and tools; good and sufficient reflection on future proof of the system; good
demonstration of critical thinking, logical arguments, and good citations used
|
Pass
50-59%
|
Logical arguments with some errors, or invalid statements; some reflection on appropriate technology and/or tooling to be used; Some/partial
reflection on future proof of the system; reasonable demonstration of critical thinking, logical arguments, and some citations used
|
Marginal Fail
40-49%
|
Many factual or technical errors in arguments; inappropriate technology and/or tooling mentioned; Insufficient reflection on future proof of the system; poor demonstration of critical thinking, logical arguments;
no/limited citations used
|
Fail
0-39%
|
Many factual or technical errors in arguments; inappropriate technology and/or tooling mentioned; very limited reflection on future proof of the
system; very poor demonstration of critical thinking, logical arguments; no citations used
|